Lucene search
HistoryMay 22, 2014 - 8:55 p.m.
CVE-2014-2350
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
5.3 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
75.2%
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services, which allows remote attackers to bypass intended access restrictions via a TCP session, as demonstrated by a session that uses the telnet program.
Affected configurations
Node
emersondeltavMatch10.3.1
ORemersondeltavMatch11.3
ORemersondeltavMatch11.3.1
ORemersondeltavMatch12.3
Related
cve
cve
nessus
nessus
Emerson Deltav Unspecified Vulnerability
2021-08-10 00:00:00
Emerson DeltaV Credentials Management Errors (CVE-2014-2350)
2022-02-07 00:00:00
cvelist
cvelist
prion
prion
Hardcoded credentials
2014-05-22 20:55:00
Hardcoded credentials
2022-07-26 22:15:00
Code injection
2022-07-26 22:15:00
ptsecurity
ptsecurity
PT-2013-91: Hard-Coded Access Credentials in Emerson DeltaV
2013-03-10 00:00:00
ics
ics
Emerson DeltaV Vulnerabilities
2018-09-06 12:00:00
nvd
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
5.3 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
75.2%
Related for NVD:CVE-2014-2350